After many struggles, Symantec has failed to solve issues with Google, Mozilla and other major browsers and finally decided to sell its digital certificates business to another popular Certificate Authority, DigiCert. The company said in a recent press release that DigiCert is acquiring its Website Security and related PKI solutions business, which was confirmed by DigiCert as well in an official blog post. The transaction includes both SSL/TLS and IoT business units and the deal is expected to close by the end of this year.
The announcement was accompanied by company’s release of Q1 earnings and company’s stock rise by 4.2% after the announcement. DigiCert will pay $950 million in upfront cash plus assign 30% stake in common stock equity. Since DigiCert is a private company, the total value of the transaction is unclear. But we can safely assume it to be above the $1 billion value.
After this deal, Symantec will feel free from all problems it has been experiencing with SSL/TLS and IoT business units so the company will be able to focus on other important businesses.
In case you don’t know, Symantec has had a number of problems with this unit. The biggest problem came a few months ago in March when it had a spat with Google over what the parent company of Chrome browser called “mis-issuing of more than 30,000 HTTPS certificates.” A resolution was eventually reached between both companies but on a serious condition underscored by Google.
The condition put by Silicon Valley based giant for a compromise was that Symantec will no longer issue digital certificates and certificates should only be issued by Managed Certificate Authorities (MCAs). This requirement started eating into the revenue of Symantec from this business unit. But Google didn’t ditch from its stance, as it wants the green padlock of its Chrome browser to be the 100% guarantee of security.
In the final proposal, Google notified Symantec that their current root certificates retired and will have to replace with a new infrastructure. Symantec has proposed to invest in new infrastructure to develop a new PKI platform, but virtually it is not possible to complete this task within the proposed timelines. So, this is a perfect time for DigiCert to acquire Symantec’s digital certificate business as existing customers are demanding full browser compatibility and assurance.
The issue is so pressing right now that DigiCert also decided to address it in its blog post. The company said that they “feel confident that this agreement will satisfy the needs of the browser community.” However, it remains to be seen how satisfied Google is from this deal.
DigiCert is conveying with browser community and will keep on working intimately with them to closing the transaction. DigiCert acknowledges and promises to insist trust in SSL/TLS certificate and ensuring all clients.
Digital Certificates are meant to make the internet safer for all. They should ideally not have any flaws, but unfortunately, we don’t live in an ideal world. We live in a world where fake certificates are already in circulation and in a world where the creation of such fake certificates is rewarded by hackers. That’s the reason why Google came down heavily on Symantec – if a company as trusted and reputed as Symantec can’t have foolproof certificates; it’s a major failure on their part. Hopefully, things will improve now after an acquisition of the business by DigiCert. Once a satisfactory track record is maintained, Google may also lift its sanction from the business unit.
0 comments:
Post a Comment